Firewall rules won't load, freeradius2 package not installing



  • Upgrading my test Linux KVM from 2.1.1 pre-release (Feb8 build) to 2.2 kind of destroyed the system, no HTTP, no SSH after hard resetting it.
    I did not dig into this though, just installed it fresh from the latest 2.2 and restored my configuration.

    The biggest problems I found so far are:

    Firewall ruleset does not load:

    [ There were error(s) loading the rules: /tmp/rules.debug:66: syntax error - The line in question reads [66]: block in log inet all tracker 1000000101 label Default deny rule IPv4]
    

    freeradius2 does not install. Would be bad for my live system as the WLAN depends on it ;)

    Beginning package installation for freeradius2 .
    Downloading package configuration file... done.
    Saving updated package information... done.
    Downloading freeradius2 and its dependencies... 
    Checking for package installation... 
     Downloading https://files.pfsense.org/packages/10/All/freeradius-2.2.3_1-amd64.pbi ...  (extracting)
     ERROR: No digital signature! If you are *SURE* you trust this PBI, re-install with --no-checksig option.
    of freeradius-2.2.3_1-amd64 failed!
    
    Installation aborted.Removing package...
    Starting package deletion for freeradius-2.2.3_1-amd64...done.
    Removing freeradius2 components...
    Tabs items... done.
    Menu items... done.
    Services... done.
    Loading package instructions...
    Include file freeradius.inc could not be found for inclusion.
    Deinstall commands... 
    Not executing custom deinstall hook because an include is missing.
    Removing package instructions...done.
    Auxiliary files... done.
    Package XML... done.
    Configuration... done.
    done.
    Failed to install package.
    
    Installation halted.
    

    Edit:
    Found an option in Avanced settings to turn off the signature check, now freeradius2 installs. Does not run, though:

    Mar 27 10:17:09 	php-fpm[28966]: /pkg.php: freeRADIUS - No freeradius lib found on /usr/pbi/freeradius-amd64/lib
    Mar 27 10:17:11 	php-fpm[28966]: /pkg.php: freeRADIUS - No freeradius lib found on /usr/pbi/freeradius-amd64/lib
    Mar 27 10:17:15 	php-fpm[28966]: /pkg.php: freeRADIUS - No freeradius lib found on /usr/pbi/freeradius-amd64/lib
    Mar 27 10:17:17 	php-fpm[28966]: /pkg.php: freeRADIUS - No freeradius lib found on /usr/pbi/freeradius-amd64/lib
    Mar 27 10:17:18 	php-fpm[28966]: /pkg_edit.php: freeRADIUS - No freeradius lib found on /usr/pbi/freeradius-amd64/lib
    


  • tracker 1000000101

    That tracker stuff was only just added, so I would guess it might be the first place to look.
    I looked at http://www.freebsd.org/cgi/man.cgi?pf.conf but cannot see it in the FreeBSD pf man page.
    Maybe it is a feature added to "pf" for pfSense? But I can't see the pfsense-tools repo, so I have no idea and no way to see what the functionality is or to help look into it. This will be the frustrating part of having pfsense-tools repo not publicly available. Guess I better send in an access request and see if it is accepted.



  • Its a builder issue i fixed.

    The tracker is used to match properly log entries with expected rule.

    And yes its a pfSense only feature.


Log in to reply